Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/0Z-rzxBLOWIfSfgExnNziFjknFI.roa
File: 0Z-rzxBLOWIfSfgExnNziFjknFI.roa (raw, json)
Hash identifier: WIPxFrkjwE/aiN3DpBiUfgIiKOHJkBOTh5tGpO+hM/Q=
Subject key identifier: D1:9F:AB:CF:10:4B:39:62:1F:49:F8:04:C6:73:73:88:58:E4:9C:52
Certificate issuer: /CN=d47e62cbf5fef3377f9e7cd58558f44e2eea9bce
Certificate serial: 019427B56EE4411A1585742961C54A0AD48D
Authority key identifier: D4:7E:62:CB:F5:FE:F3:37:7F:9E:7C:D5:85:58:F4:4E:2E:EA:9B:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1H5iy_X-8zd_nnzVhVj0Ti7qm84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/0Z-rzxBLOWIfSfgExnNziFjknFI.roa
Signing time: Thu 02 Jan 2025 15:49:49 +0000
ROA not before: Thu 02 Jan 2025 15:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49556
IP address blocks: 91.207.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:6e:e4:41:1a:15:85:74:29:61:c5:4a:0a:d4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d47e62cbf5fef3377f9e7cd58558f44e2eea9bce
Validity
Not Before: Jan 2 15:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d19fabcf104b39621f49f804c673738858e49c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a2:e7:39:4f:c8:49:60:8e:cb:e7:35:94:6d:
d9:56:d7:d7:20:79:9f:84:eb:b0:15:47:e2:26:5e:
a0:bc:98:57:85:9d:c6:72:d5:e3:4d:82:78:87:af:
0a:92:05:a0:f6:c6:c4:eb:a5:d0:bc:07:ad:f7:2d:
72:14:6d:79:c6:95:86:b2:98:69:38:ae:dd:76:19:
e5:3b:01:13:52:99:51:be:a0:96:2e:25:68:52:25:
6f:61:65:8b:97:ae:a3:40:31:29:43:8d:8d:ef:64:
a3:fc:c5:44:0b:3b:81:7b:28:18:ca:2e:2f:d8:7e:
76:ec:4f:d4:32:6e:45:9e:f5:e1:13:5e:74:0a:57:
ca:68:99:72:1b:97:3f:ca:3b:69:37:4e:78:d8:54:
11:df:5e:e5:7d:53:39:43:9c:e1:e1:bc:4d:21:0c:
c5:18:35:66:8e:83:2c:29:f8:c9:4e:b3:87:76:17:
37:19:20:c9:bc:be:27:36:10:6b:12:f4:4a:e5:e3:
23:bc:7f:24:ac:83:a4:d3:21:a8:f8:50:d4:33:0c:
36:1b:d7:c0:85:15:98:98:e8:8a:c5:b0:06:22:98:
46:9c:84:7b:3f:32:ca:05:e1:83:d3:84:ec:e9:81:
c7:62:a1:e7:59:cb:f6:8e:ed:d5:73:af:19:76:dd:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9F:AB:CF:10:4B:39:62:1F:49:F8:04:C6:73:73:88:58:E4:9C:52
X509v3 Authority Key Identifier:
keyid:D4:7E:62:CB:F5:FE:F3:37:7F:9E:7C:D5:85:58:F4:4E:2E:EA:9B:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1H5iy_X-8zd_nnzVhVj0Ti7qm84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/0Z-rzxBLOWIfSfgExnNziFjknFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.18.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:a4:20:3e:ec:0f:40:a6:7c:30:c1:c4:cc:e1:16:77:84:52:
9b:fa:d4:e6:1e:60:5d:60:7b:26:55:d9:d4:33:85:f7:3f:80:
95:f8:31:42:9f:8b:de:96:6a:b4:0e:1d:8e:15:ae:4a:5e:c3:
5d:96:39:82:7a:56:4f:88:a0:72:4e:ce:74:9b:76:02:a5:5e:
82:a6:6d:22:72:9e:6e:b6:92:ab:c4:f3:07:d9:c1:d5:72:fa:
21:c7:7d:01:a7:85:e9:86:a8:ec:00:88:fc:31:2c:58:11:4d:
0c:19:d5:55:d9:bc:41:41:b4:93:cf:e6:e4:af:85:8c:97:a9:
9f:41:c0:d1:f7:34:85:d8:bc:ec:5f:b0:7c:17:8d:e1:f2:8a:
f4:2c:69:ca:56:c6:fa:81:0f:fb:5e:b9:38:72:2e:64:57:30:
69:17:b8:ae:b2:e8:9d:f1:15:47:1f:55:4a:25:d1:f8:da:d6:
a5:cf:5e:d1:51:c3:77:f7:71:88:d3:ee:b6:37:f8:f2:dd:02:
50:ee:46:b3:ee:16:83:10:35:69:00:58:43:e0:5b:09:d8:07:
17:e3:99:4c:c4:ad:42:fa:c5:2d:15:84:65:b4:74:03:67:62:
86:ac:c7:2c:4c:66:a9:14:7e:0e:0f:d7:8b:b7:ed:e1:a7:62:
c0:0f:f5:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntW7kQRoVhXQpYcVKCtSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0N2U2MmNiZjVmZWYzMzc3ZjllN2NkNTg1NThmNDRlMmVl
YTliY2UwHhcNMjUwMTAyMTU0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmYWJjZjEwNGIzOTYyMWY0OWY4MDRjNjczNzM4ODU4ZTQ5YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6LnOU/ISWCOy+c1lG3ZVtfXIHmf
hOuwFUfiJl6gvJhXhZ3GctXjTYJ4h68KkgWg9sbE66XQvAet9y1yFG15xpWGsphp
OK7ddhnlOwETUplRvqCWLiVoUiVvYWWLl66jQDEpQ42N72Sj/MVECzuBeygYyi4v
2H527E/UMm5FnvXhE150ClfKaJlyG5c/yjtpN0542FQR317lfVM5Q5zh4bxNIQzF
GDVmjoMsKfjJTrOHdhc3GSDJvL4nNhBrEvRK5eMjvH8krIOk0yGo+FDUMww2G9fA
hRWYmOiKxbAGIphGnIR7PzLKBeGD04Ts6YHHYqHnWcv2ju3Vc68Zdt0vEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGfq88QSzliH0n4BMZzc4hY5JxSMB8GA1UdIwQY
MBaAFNR+Ysv1/vM3f5581YVY9E4u6pvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUg1aXlfWC04emRfbm56VmhWajBUaTdxbTg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hYTlkNGUtMTIyNi00MGU3LWE5YzEt
NDY5ZDNhNTFkNDdkLzEvMFotcnp4QkxPV0lmU2ZnRXhuTnppRmprbkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hYTlkNGUtMTIyNi00MGU3LWE5YzEtNDY5ZDNhNTFkNDdk
LzEvMUg1aXlfWC04emRfbm56VmhWajBUaTdxbTg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW88SMA0G
CSqGSIb3DQEBCwUAA4IBAQDApCA+7A9ApnwwwcTM4RZ3hFKb+tTmHmBdYHsmVdnU
M4X3P4CV+DFCn4velmq0Dh2OFa5KXsNdljmCelZPiKByTs50m3YCpV6Cpm0icp5u
tpKrxPMH2cHVcvohx30Bp4XphqjsAIj8MSxYEU0MGdVV2bxBQbSTz+bkr4WMl6mf
QcDR9zSF2LzsX7B8F43h8or0LGnKVsb6gQ/7Xrk4ci5kVzBpF7iusuid8RVHH1VK
JdH42talz17RUcN393GI0+62N/jy3QJQ7kaz7haDEDVpAFhD4FsJ2AcX45lMxK1C
+sUtFYRltHQDZ2KGrMcsTGapFH4OD9eLt+3hp2LAD/XP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:21 2025 by rpki-client on console.sobornost.net